Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
File: 2a0347bc-2355-45ba-953f-4658b951cf4b.roa (raw, json)
Hash identifier: w1G2pu5tw0yhnMiGwvFq21cHewy2oBSiC7jqKMHoKYo=
Subject key identifier: 9D:9F:22:05:80:C0:04:7A:EF:A5:23:06:9B:CD:B8:C7:4C:B4:32:8A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 240E0EF2AF8C19B7039A044D4F12E295DDF4D3D6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
Signing time: Sat 05 Apr 2025 00:10:28 +0000
ROA not before: Sat 05 Apr 2025 00:10:28 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:78c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:0e:0e:f2:af:8c:19:b7:03:9a:04:4d:4f:12:e2:95:dd:f4:d3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:10:28 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=5c0399a58ca17394493a780cf793d90577ffaf3610b794c22a85f08057f5c363, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:2a:67:de:45:f4:f2:e1:bb:df:d2:6d:59:73:
ab:fa:12:fd:93:33:37:c9:8a:a9:05:02:91:96:08:
2d:78:a1:cb:e1:e8:bf:ea:c1:86:cc:84:2b:e1:fb:
2c:32:b4:a6:68:7a:3f:91:55:15:98:ce:b4:36:a0:
c7:10:12:74:d5:fe:96:1b:fb:ed:0d:45:b2:8f:65:
e7:5a:57:34:5a:b9:b8:94:6e:5c:2a:1f:e1:d4:d1:
7b:c9:73:c9:db:98:6e:0b:66:dd:60:7b:7a:0e:45:
d5:48:6c:44:73:53:70:23:28:cb:8d:99:4b:1a:43:
6c:c3:ca:4a:6f:18:56:37:b7:aa:52:eb:59:c5:d7:
f3:d0:aa:38:b2:39:d8:76:6d:77:fe:c5:7f:27:1a:
95:0e:d5:6e:ae:fd:a5:e8:a7:68:45:b2:49:26:8e:
8a:ff:ac:aa:ec:71:55:7a:29:56:dd:f3:82:13:2d:
c7:d4:65:a5:e8:e7:a7:09:11:f0:23:19:1c:a4:71:
db:cb:ac:c7:05:a7:13:b9:d6:99:01:dd:5c:97:8b:
0b:8b:fd:31:59:04:b5:4f:14:6d:f4:10:25:26:3e:
84:03:a7:f2:b3:bc:3b:81:3d:34:7e:13:c0:35:af:
32:1f:5e:75:dd:2d:1b:d0:19:e2:c4:01:97:3b:3c:
e7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9F:22:05:80:C0:04:7A:EF:A5:23:06:9B:CD:B8:C7:4C:B4:32:8A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:78c0::/46
Signature Algorithm: sha256WithRSAEncryption
1d:50:ee:4e:5e:eb:fe:d3:10:96:ad:d1:60:03:8a:e8:37:0b:
b3:88:e3:d7:4a:0f:ab:10:7a:fb:a0:c1:84:8d:08:ec:f7:5c:
b1:3c:15:2b:2d:ca:7f:6f:20:39:99:c5:98:63:af:de:55:e9:
3c:44:d3:05:13:08:d3:33:fc:84:8c:bd:bd:19:ec:bd:2f:c5:
44:bc:25:1a:94:27:13:0d:a2:5d:32:b9:aa:f2:74:a7:60:c2:
cf:03:bc:64:68:f9:d7:37:b1:d1:4d:da:33:f3:00:29:9d:9e:
bf:ea:8a:83:de:27:57:60:97:bd:51:eb:75:53:62:33:80:3c:
19:6d:e8:02:db:6b:4b:4b:14:5f:cd:40:b0:8d:eb:69:41:e5:
85:09:e0:0a:82:ab:69:94:dd:0e:6c:dc:0e:e5:b7:1a:20:25:
9e:b2:d8:b4:69:fa:72:6e:76:67:c7:a6:66:b5:86:64:f4:02:
7c:80:51:b2:8e:38:9f:1c:62:45:34:a2:9e:28:f0:51:24:2f:
23:17:f9:4a:1a:f7:e3:8d:30:05:07:7c:a4:ec:0c:ec:6f:33:
66:5d:df:6f:f8:dc:be:c3:f6:d0:d4:3c:0a:60:cf:38:44:24:
ae:13:1c:34:5b:50:8f:98:eb:9d:fa:cf:c6:ed:53:72:8e:45:
84:a7:55:31
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJA4O8q+MGbcDmgRNTxLild3009YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDEwMjhaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMDM5OWE1OGNhMTczOTQ0OTNhNzgwY2Y3OTNkOTA1NzdmZmFmMzYxMGI3
OTRjMjJhODVmMDgwNTdmNWMzNjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPcqZ95F9PLhu9/SbVlzq/oS/ZMzN8mKqQUCkZYILXihy+Hov+rBhsyEK+H7
LDK0pmh6P5FVFZjOtDagxxASdNX+lhv77Q1Fso9l51pXNFq5uJRuXCof4dTRe8lz
yduYbgtm3WB7eg5F1UhsRHNTcCMoy42ZSxpDbMPKSm8YVje3qlLrWcXX89CqOLI5
2HZtd/7FfycalQ7Vbq79peinaEWySSaOiv+squxxVXopVt3zghMtx9RlpejnpwkR
8CMZHKRx28usxwWnE7nWmQHdXJeLC4v9MVkEtU8UbfQQJSY+hAOn8rO8O4E9NH4T
wDWvMh9edd0tG9AZ4sQBlzs85/UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdnyIF
gMAEeu+lIwabzbjHTLQyijAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmEwMzQ3YmMtMjM1NS00NWJhLTk1M2YtNDY1OGI5NTFjZjRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
wDANBgkqhkiG9w0BAQsFAAOCAQEAHVDuTl7r/tMQlq3RYAOK6DcLs4jj10oPqxB6
+6DBhI0I7PdcsTwVKy3Kf28gOZnFmGOv3lXpPETTBRMI0zP8hIy9vRnsvS/FRLwl
GpQnEw2iXTK5qvJ0p2DCzwO8ZGj51zex0U3aM/MAKZ2ev+qKg94nV2CXvVHrdVNi
M4A8GW3oAttrS0sUX81AsI3raUHlhQngCoKraZTdDmzcDuW3GiAlnrLYtGn6cm52
Z8emZrWGZPQCfIBRso44nxxiRTSinijwUSQvIxf5Shr3440wBQd8pOwM7G8zZl3f
b/jcvsP20NQ8CmDPOEQkrhMcNFtQj5jrnfrPxu1Tco5FhKdVMQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net